exploitDog

CVE-2022-34064

Опубликовано: 24 июн. 2022

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

Ссылки

http://pypi.doubanio.com/simple/request
Not Applicable
https://pypi.org/project/zibal/
Product
Third Party Advisory
http://pypi.doubanio.com/simple/request
Not Applicable
https://pypi.org/project/zibal/
Product
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zibal_project:zibal:1.0.0:*:*:*:*:pypi:*:*

EPSS

Процентиль: 77%

0.01078

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-w84j-m2wf-5885

CVSS3: 9.8

github

больше 3 лет назад

The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

EPSS

Процентиль: 77%

0.01078

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-Other